>Privacy policy

1. Introduction

Bias (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://biaspay.com and use our payment services (collectively, the “Service”).

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

Account Information:

Full name, email address, phone number
Date of birth and government-issued identification
Business name, registration number, and tax identification
Address and contact information
Username and password

Financial Information:

Bank account details and routing numbers
Payment card information (processed securely through our payment processors)
Transaction history and payment records
Credit reports and financial statements (for business accounts)
Income verification documents

Verification Documents:

Government-issued photo identification (driver’s license, passport)
Business registration documents
Proof of address (utility bills, bank statements)
Articles of incorporation or partnership agreements
Professional licenses where applicable

Communication Information:

Information you provide when contacting customer support
Survey responses and feedback
Marketing preferences and communication history

2.2 Information We Collect Automatically

Device and Usage Information:

IP address, browser type, and operating system
Device identifiers and mobile network information
Pages visited, time spent on pages, and click patterns
Referral URLs and search terms used to find our Service
Session recordings and heatmap data (anonymized)

Technical Information:

Cookies and similar tracking technologies
Log files and server data
API usage and integration data
Error reports and performance metrics

Location Information:

Approximate location based on IP address
Precise location (only if you grant permission on mobile devices)
Transaction location data for fraud prevention

2.3 Information from Third Parties

Identity Verification Services:

Information from identity verification providers
Credit bureau reports and scores
Public records and databases
Watchlist and sanctions screening results

Financial Data Providers:

Bank account verification information
Transaction data from connected accounts
Credit and risk assessment data
Open banking data (with your consent)

Business Partners:

Information from our integration partners
Referral data from affiliate programs
Co-marketing campaign data
Joint service provision information

3. How We Use Your Information

3.1 Service Provision

Process payments and transactions
Verify your identity and prevent fraud
Maintain and secure your account
Provide customer support and respond to inquiries
Send transaction confirmations and account notifications

3.2 Legal and Regulatory Compliance

Comply with Know Your Customer (KYC) requirements
Conduct Anti-Money Laundering (AML) screening
Report suspicious activities as required by law
Respond to legal requests and court orders
Maintain records as required by financial regulations

3.3 Risk Management and Security

Detect and prevent fraudulent transactions
Monitor for suspicious account activity
Assess credit and financial risk
Protect against security threats and data breaches
Conduct sanctions and watchlist screening

3.4 Business Operations

Improve and optimize our services
Develop new products and features
Conduct research and analytics
Manage our business relationships
Enforce our Terms of Use

3.5 Marketing and Communications

Send promotional materials and service updates (with consent)
Personalize your experience and recommendations
Conduct market research and surveys
Measure the effectiveness of our marketing campaigns
Provide relevant content and advertisements

For users in the European Economic Area, we process your personal data based on the following legal grounds:

Contract Performance: To provide our services and fulfill our contractual obligations
Legal Obligation: To comply with applicable laws and regulations
Legitimate Interest: For fraud prevention, security, and business operations
Consent: For marketing communications and certain data processing activities

5.1 Service Providers and Business Partners

We may share your information with trusted third parties who assist us in operating our business:

Payment Processors:

Banks and financial institutions
Payment card networks (Visa, Mastercard, etc.)
Electronic payment processors
Currency exchange providers

Technology Partners:

Cloud hosting and infrastructure providers
Software development and maintenance contractors
Data analytics and monitoring services
Customer support platform providers

Professional Services:

Legal counsel and compliance advisors
Accounting and auditing firms
Business consultants and contractors
Marketing and advertising agencies

5.2 Regulatory and Legal Disclosure

We may disclose your information when required by law or to protect our rights:

Government Agencies:

Financial regulatory authorities
Tax authorities and revenue services
Law enforcement agencies
Court orders and legal proceedings

Legal Obligations:

Anti-money laundering reporting
Suspicious activity reports
Sanctions compliance requirements
Subpoenas and regulatory investigations

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to confidentiality agreements.

We may share your information with third parties when you explicitly consent to such sharing.

6. Data Retention

We retain your personal information for as long as necessary to:

Provide our services and maintain your account
Comply with legal and regulatory requirements
Resolve disputes and enforce our agreements
Protect against fraud and security threats

Specific Retention Periods:

Account information: Duration of account plus 7 years after closure
Transaction records: 7 years from transaction date
Identity verification documents: 7 years from account closure
Marketing communications: Until you opt out or 3 years of inactivity
Technical logs: 12 months from creation

7. Data Security

We implement comprehensive security measures to protect your information:

Technical Safeguards:

Advanced encryption for data in transit and at rest
Secure Socket Layer (SSL) certificates
Multi-factor authentication requirements
Regular security audits and penetration testing
Intrusion detection and prevention systems

Organizational Measures:

Employee background checks and security training
Role-based access controls and need-to-know principles
Regular security policy updates and compliance monitoring
Incident response and breach notification procedures
Third-party security assessments

Compliance Standards:

PCI DSS Level 1 compliance for payment card data
SOC 2 Type II certification
ISO 27001 information security management
GDPR and other privacy regulation compliance

8. Your Privacy Rights

8.1 General Rights

Access: Request copies of your personal information
Correction: Update or correct inaccurate information
Deletion: Request deletion of your personal information (subject to legal requirements)
Portability: Receive your data in a structured, machine-readable format
Restriction: Limit how we process your information
Objection: Object to certain types of processing

8.2 Marketing Communications

Opt out of promotional emails through unsubscribe links
Update your communication preferences in your account settings
Contact us to opt out of all marketing communications

8.3 Cookies and Tracking

Manage cookie preferences through your browser settings
Opt out of analytics tracking where available
Control advertising cookies through industry opt-out tools

8.4 Exercising Your Rights

To exercise your privacy rights, contact us at privacy@biaspay.com. We will respond to your request within 30 days (or as required by applicable law).

9. International Data Transfers

9.1 Cross-Border Processing

We may transfer your information to countries outside your residence for processing and storage. We ensure appropriate safeguards are in place:

Adequacy Decisions: Transfers to countries with adequate data protection laws
Standard Contractual Clauses: EU-approved contract terms for data transfers
Binding Corporate Rules: Internal policies for multinational data transfers
Certification Programs: Privacy Shield successors and similar frameworks

9.2 Safeguards for International Transfers

All international transfers include:

Contractual data protection obligations
Technical and organizational security measures
Regular compliance monitoring and audits
Data subject rights and complaint mechanisms

10. Children’s Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us immediately.

11. State-Specific Privacy Rights

11.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act:

Right to Know:

Categories of personal information collected
Sources of personal information
Business purposes for collecting information
Categories of third parties with whom we share information

Right to Delete: Request deletion of personal information (subject to exceptions)

Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)

Right to Non-Discrimination: We will not discriminate against you for exercising your rights

Sensitive Personal Information: We limit use of sensitive personal information to specified purposes

11.2 Other State Rights

Residents of other states may have additional privacy rights under applicable state laws. Contact us for information about your specific rights.

12. Third-Party Links and Services

Our Service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you use.

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

Notify affected users within 72 hours of discovery (where feasible)
Provide details about the breach and steps we’re taking
Offer guidance on protecting yourself from potential harm
Report the breach to relevant authorities as required by law

14. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Update the “Last Updated” date at the top of this policy
Notify you by email or through our Service
Provide 30 days’ notice before changes take effect
Obtain your consent for material changes where required by law

15. Contact Information

15.1 Privacy Questions

For questions about this Privacy Policy or our privacy practices:

Email: privacy@biaspay.com
Phone: [Phone Number]
Address: [Company Address]

15.2 Data Protection Officer

Our Data Protection Officer can be reached at:

Email: dpo@biaspay.com
Address: [DPO Address]

15.3 Complaints and Regulatory Authorities

If you have concerns about our privacy practices, you may also contact:

EU Residents: Your local data protection authority
UK Residents: Information Commissioner’s Office (ICO)
US Residents: Federal Trade Commission (FTC)

16. Definitions

Personal Information: Information that identifies, relates to, or could reasonably be linked with you or your household.

Processing: Any operation performed on personal information, including collection, use, storage, disclosure, and deletion.

Third Party: An entity other than Bias, you, or our service providers.

Sensitive Information: Personal information that reveals specific categories of data requiring additional protection.

This Privacy Policy reflects our commitment to protecting your privacy and complying with applicable data protection laws. We encourage you to review this policy regularly and contact us with any questions.